package org.xdi.oxauth.register.ws.rs;

import com.codahale.metrics.Timer;
import java.net.URI;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashSet;
import java.util.List;
import java.util.TimeZone;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.log.Log;
import org.jboss.seam.log.Logging;
import org.xdi.ldap.model.CustomAttribute;
import org.xdi.model.metric.MetricType;
import org.xdi.oxauth.client.RegisterRequest;
import org.xdi.oxauth.model.common.AuthenticationMethod;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.common.SubjectType;
import org.xdi.oxauth.model.config.ConfigurationFactory;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.error.ErrorResponseFactory;
import org.xdi.oxauth.model.register.RegisterErrorResponseType;
import org.xdi.oxauth.model.register.RegisterRequestParam;
import org.xdi.oxauth.model.register.RegisterResponseParam;
import org.xdi.oxauth.model.registration.Client;
import org.xdi.oxauth.model.registration.RegisterParamsValidator;
import org.xdi.oxauth.model.token.HandleTokenFactory;
import org.xdi.oxauth.model.util.Util;
import org.xdi.oxauth.service.ClientService;
import org.xdi.oxauth.service.InumService;
import org.xdi.oxauth.service.MetricService;
import org.xdi.oxauth.service.ScopeService;
import org.xdi.oxauth.service.external.ExternalDynamicClientRegistrationService;
import org.xdi.oxauth.service.token.TokenService;
import org.xdi.oxauth.util.ServerUtil;
import org.xdi.util.security.StringEncrypter;

@Name("registerRestWebService")
/* loaded from: input_file:org/xdi/oxauth/register/ws/rs/RegisterRestWebServiceImpl.class */
public class RegisterRestWebServiceImpl implements RegisterRestWebService {

    @Logger
    private Log log;

    @In
    private ErrorResponseFactory errorResponseFactory;

    @In
    private ScopeService scopeService;

    @In
    private InumService inumService;

    @In
    private ClientService clientService;

    @In
    private TokenService tokenService;

    @In
    private MetricService metricService;

    @In
    private ExternalDynamicClientRegistrationService externalDynamicClientRegistrationService;

    @Override // org.xdi.oxauth.register.ws.rs.RegisterRestWebService
    public Response requestRegister(String str, String str2, HttpServletRequest httpServletRequest, SecurityContext securityContext) {
        Timer.Context time = this.metricService.getTimer(MetricType.DYNAMIC_CLIENT_REGISTRATION_RATE).time();
        try {
            Response registerClientImpl = registerClientImpl(str, securityContext);
            time.stop();
            return registerClientImpl;
        } catch (Throwable th) {
            time.stop();
            throw th;
        }
    }

    private Response registerClientImpl(String str, SecurityContext securityContext) {
        Response.ResponseBuilder ok = Response.ok();
        try {
            if (ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationEnabled().booleanValue()) {
                RegisterRequest fromJson = RegisterRequest.fromJson(str);
                this.log.debug("Attempting to register client: applicationType = {0}, clientName = {1}, redirectUris = {2}, isSecure = {3}, sectorIdentifierUri = {4}, params = {5}", new Object[]{fromJson.getApplicationType(), fromJson.getClientName(), fromJson.getRedirectUris(), Boolean.valueOf(securityContext.isSecure()), fromJson.getSectorIdentifierUri(), str});
                if (fromJson.getSubjectType() == null) {
                    SubjectType fromString = SubjectType.fromString(ConfigurationFactory.instance().getConfiguration().getDefaultSubjectType());
                    if (fromString != null) {
                        fromJson.setSubjectType(fromString);
                    } else if (ConfigurationFactory.instance().getConfiguration().getSubjectTypesSupported().contains(SubjectType.PUBLIC.toString())) {
                        fromJson.setSubjectType(SubjectType.PUBLIC);
                    } else if (ConfigurationFactory.instance().getConfiguration().getSubjectTypesSupported().contains(SubjectType.PAIRWISE.toString())) {
                        fromJson.setSubjectType(SubjectType.PAIRWISE);
                    }
                }
                if (fromJson.getIdTokenSignedResponseAlg() == null) {
                    fromJson.setIdTokenSignedResponseAlg(SignatureAlgorithm.fromString(ConfigurationFactory.instance().getConfiguration().getDefaultSignatureAlgorithm()));
                }
                if (fromJson.getIdTokenSignedResponseAlg() == SignatureAlgorithm.NONE) {
                    this.log.debug("The signature algorithm for id_token cannot be none.", new Object[0]);
                    ok = Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
                } else if (!RegisterParamsValidator.validateParamsClientRegister(fromJson.getApplicationType(), fromJson.getSubjectType(), fromJson.getRedirectUris(), fromJson.getSectorIdentifierUri())) {
                    this.log.trace("Client parameters are invalid, returns invalid_request error.", new Object[0]);
                    ok = Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
                } else if (RegisterParamsValidator.validateRedirectUris(fromJson.getApplicationType(), fromJson.getSubjectType(), fromJson.getRedirectUris(), fromJson.getSectorIdentifierUri())) {
                    RegisterParamsValidator.validateLogoutUri((List<String>) fromJson.getLogoutUris(), (List<String>) fromJson.getRedirectUris(), this.errorResponseFactory);
                    String clients = ConfigurationFactory.instance().getBaseDn().getClients();
                    String generateClientInum = this.inumService.generateClientInum();
                    String uuid = UUID.randomUUID().toString();
                    String[] strArr = new String[0];
                    String[] strArr2 = (ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationScopesParamEnabled() == null || !ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationScopesParamEnabled().booleanValue() || fromJson.getScopes().size() <= 0) ? (String[]) this.scopeService.getDefaultScopesDn().toArray(strArr) : (String[]) this.scopeService.getScopesDn(fromJson.getScopes()).toArray(strArr);
                    Client client = new Client();
                    client.setDn("inum=" + generateClientInum + "," + clients);
                    client.setClientId(generateClientInum);
                    client.setClientSecret(uuid);
                    client.setScopes(strArr2);
                    client.setRegistrationAccessToken(HandleTokenFactory.generateHandleToken());
                    GregorianCalendar gregorianCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
                    client.setClientIdIssuedAt(gregorianCalendar.getTime());
                    if (ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationExpirationTime() > 0) {
                        gregorianCalendar.add(13, ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationExpirationTime());
                        client.setClientSecretExpiresAt(gregorianCalendar.getTime());
                    }
                    if (StringUtils.isBlank(fromJson.getClientName()) && fromJson.getRedirectUris() != null && !fromJson.getRedirectUris().isEmpty()) {
                        try {
                            client.setClientName(new URI((String) fromJson.getRedirectUris().get(0)).getHost());
                        } catch (Exception e) {
                            this.log.error(e.getMessage(), e, new Object[0]);
                            client.setClientName("Unknown");
                        }
                    }
                    updateClientFromRequestObject(client, fromJson);
                    boolean z = true;
                    if (this.externalDynamicClientRegistrationService.isEnabled()) {
                        z = this.externalDynamicClientRegistrationService.executeExternalUpdateClientMethods(fromJson, client);
                    }
                    if (z) {
                        Date time = Calendar.getInstance().getTime();
                        client.setLastAccessTime(time);
                        client.setLastLogonTime(time);
                        Boolean dynamicRegistrationPersistClientAuthorizations = ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationPersistClientAuthorizations();
                        client.setPersistClientAuthorizations(dynamicRegistrationPersistClientAuthorizations != null ? dynamicRegistrationPersistClientAuthorizations.booleanValue() : false);
                        this.clientService.persist(client);
                        ok.entity(getJSONObject(client).toString(4).replace("\\/", "/"));
                    } else {
                        this.log.trace("Client parameters are invalid, returns invalid_request error.", new Object[0]);
                        ok = Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
                    }
                } else {
                    ok = Response.status(Response.Status.BAD_REQUEST.getStatusCode());
                    ok.entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_REDIRECT_URI));
                }
            } else {
                this.log.debug("Dynamic client registration is disabled.", new Object[0]);
                ok = Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.ACCESS_DENIED));
            }
        } catch (StringEncrypter.EncryptionException e2) {
            ok = internalErrorResponse();
            this.log.error(e2.getMessage(), e2, new Object[0]);
        } catch (WebApplicationException e3) {
            this.log.error(e3.getMessage(), e3, new Object[0]);
            throw e3;
        } catch (JSONException e4) {
            ok = internalErrorResponse();
            this.log.error(e4.getMessage(), e4, new Object[0]);
        } catch (Exception e5) {
            ok = internalErrorResponse();
            this.log.error(e5.getMessage(), e5, new Object[0]);
        }
        ok.cacheControl(ServerUtil.cacheControl(true, false));
        ok.header("Pragma", "no-cache");
        return ok.build();
    }

    public Response.ResponseBuilder internalErrorResponse() {
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
    }

    public void updateClientFromRequestObject(Client client, RegisterRequest registerRequest) throws JSONException {
        List redirectUris = registerRequest.getRedirectUris();
        if (redirectUris != null && !redirectUris.isEmpty()) {
            ArrayList arrayList = new ArrayList(new HashSet(redirectUris));
            client.setRedirectUris((String[]) arrayList.toArray(new String[arrayList.size()]));
        }
        if (registerRequest.getApplicationType() != null) {
            client.setApplicationType(registerRequest.getApplicationType().toString());
        }
        if (StringUtils.isNotBlank(registerRequest.getClientName())) {
            client.setClientName(registerRequest.getClientName());
        }
        if (StringUtils.isNotBlank(registerRequest.getSectorIdentifierUri())) {
            client.setSectorIdentifierUri(registerRequest.getSectorIdentifierUri());
        }
        List responseTypes = registerRequest.getResponseTypes();
        if (responseTypes != null && !responseTypes.isEmpty()) {
            ArrayList arrayList2 = new ArrayList(new HashSet(responseTypes));
            client.setResponseTypes((ResponseType[]) arrayList2.toArray(new ResponseType[arrayList2.size()]));
        }
        List contacts = registerRequest.getContacts();
        if (contacts != null && !contacts.isEmpty()) {
            ArrayList arrayList3 = new ArrayList(new HashSet(contacts));
            client.setContacts((String[]) arrayList3.toArray(new String[arrayList3.size()]));
        }
        if (StringUtils.isNotBlank(registerRequest.getLogoUri())) {
            client.setLogoUri(registerRequest.getLogoUri());
        }
        if (StringUtils.isNotBlank(registerRequest.getClientUri())) {
            client.setClientUri(registerRequest.getClientUri());
        }
        if (StringUtils.isNotBlank(registerRequest.getPolicyUri())) {
            client.setPolicyUri(registerRequest.getPolicyUri());
        }
        if (StringUtils.isNotBlank(registerRequest.getTosUri())) {
            client.setTosUri(registerRequest.getTosUri());
        }
        if (StringUtils.isNotBlank(registerRequest.getJwksUri())) {
            client.setJwksUri(registerRequest.getJwksUri());
        }
        if (StringUtils.isNotBlank(registerRequest.getJwks())) {
            client.setJwks(registerRequest.getJwks());
        }
        if (registerRequest.getSubjectType() != null) {
            client.setSubjectType(registerRequest.getSubjectType().toString());
        }
        if (registerRequest.getIdTokenSignedResponseAlg() != null && registerRequest.getIdTokenSignedResponseAlg() != SignatureAlgorithm.NONE) {
            client.setIdTokenSignedResponseAlg(registerRequest.getIdTokenSignedResponseAlg().toString());
        }
        if (registerRequest.getIdTokenEncryptedResponseAlg() != null) {
            client.setIdTokenEncryptedResponseAlg(registerRequest.getIdTokenEncryptedResponseAlg().toString());
        }
        if (registerRequest.getIdTokenEncryptedResponseEnc() != null) {
            client.setIdTokenEncryptedResponseEnc(registerRequest.getIdTokenEncryptedResponseEnc().toString());
        }
        if (registerRequest.getUserInfoSignedResponseAlg() != null) {
            client.setUserInfoSignedResponseAlg(registerRequest.getUserInfoSignedResponseAlg().toString());
        }
        if (registerRequest.getUserInfoEncryptedResponseAlg() != null) {
            client.setUserInfoEncryptedResponseAlg(registerRequest.getUserInfoEncryptedResponseAlg().toString());
        }
        if (registerRequest.getUserInfoEncryptedResponseEnc() != null) {
            client.setUserInfoEncryptedResponseEnc(registerRequest.getUserInfoEncryptedResponseEnc().toString());
        }
        if (registerRequest.getRequestObjectSigningAlg() != null) {
            client.setRequestObjectSigningAlg(registerRequest.getRequestObjectSigningAlg().toString());
        }
        if (registerRequest.getRequestObjectEncryptionAlg() != null) {
            client.setRequestObjectEncryptionAlg(registerRequest.getRequestObjectEncryptionAlg().toString());
        }
        if (registerRequest.getRequestObjectEncryptionEnc() != null) {
            client.setRequestObjectEncryptionEnc(registerRequest.getRequestObjectEncryptionEnc().toString());
        }
        if (registerRequest.getTokenEndpointAuthMethod() != null) {
            client.setTokenEndpointAuthMethod(registerRequest.getTokenEndpointAuthMethod().toString());
        } else {
            client.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
        }
        if (registerRequest.getTokenEndpointAuthSigningAlg() != null) {
            client.setTokenEndpointAuthSigningAlg(registerRequest.getTokenEndpointAuthSigningAlg().toString());
        }
        if (registerRequest.getDefaultMaxAge() != null) {
            client.setDefaultMaxAge(registerRequest.getDefaultMaxAge());
        }
        if (registerRequest.getRequireAuthTime() != null) {
            client.setRequireAuthTime(registerRequest.getRequireAuthTime().booleanValue());
        }
        List defaultAcrValues = registerRequest.getDefaultAcrValues();
        if (defaultAcrValues != null && !defaultAcrValues.isEmpty()) {
            ArrayList arrayList4 = new ArrayList(new HashSet(defaultAcrValues));
            client.setDefaultAcrValues((String[]) arrayList4.toArray(new String[arrayList4.size()]));
        }
        if (StringUtils.isNotBlank(registerRequest.getInitiateLoginUri())) {
            client.setInitiateLoginUri(registerRequest.getInitiateLoginUri());
        }
        List postLogoutRedirectUris = registerRequest.getPostLogoutRedirectUris();
        if (postLogoutRedirectUris != null && !postLogoutRedirectUris.isEmpty()) {
            ArrayList arrayList5 = new ArrayList(new HashSet(postLogoutRedirectUris));
            client.setPostLogoutRedirectUris((String[]) arrayList5.toArray(new String[arrayList5.size()]));
        }
        if (registerRequest.getLogoutUris() != null && !registerRequest.getLogoutUris().isEmpty()) {
            client.setLogoutUri((String[]) registerRequest.getLogoutUris().toArray(new String[registerRequest.getLogoutUris().size()]));
        }
        client.setLogoutSessionRequired(registerRequest.getLogoutSessionRequired());
        List requestUris = registerRequest.getRequestUris();
        if (requestUris != null && !requestUris.isEmpty()) {
            ArrayList arrayList6 = new ArrayList(new HashSet(requestUris));
            client.setRequestUris((String[]) arrayList6.toArray(new String[arrayList6.size()]));
        }
        List<String> scopes = registerRequest.getScopes();
        if (scopes == null || scopes.isEmpty() || ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationScopesParamEnabled() == null || !ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationScopesParamEnabled().booleanValue()) {
            List<String> defaultScopesDn = this.scopeService.getDefaultScopesDn();
            client.setScopes((String[]) defaultScopesDn.toArray(new String[defaultScopesDn.size()]));
        } else {
            List<String> defaultScopesDn2 = this.scopeService.getDefaultScopesDn();
            List<String> scopesDn = this.scopeService.getScopesDn(scopes);
            if (defaultScopesDn2.containsAll(scopesDn)) {
                client.setScopes((String[]) scopesDn.toArray(new String[scopesDn.size()]));
            } else {
                client.setScopes((String[]) defaultScopesDn2.toArray(new String[defaultScopesDn2.size()]));
            }
        }
        Date clientSecretExpiresAt = registerRequest.getClientSecretExpiresAt();
        if (clientSecretExpiresAt != null) {
            client.setClientSecretExpiresAt(clientSecretExpiresAt);
        }
        if (StringUtils.isNotBlank(registerRequest.getFederationUrl())) {
            client.setFederationURI(registerRequest.getFederationUrl());
        }
        if (StringUtils.isNotBlank(registerRequest.getFederationId())) {
            client.setFederationId(registerRequest.getFederationId());
        }
        if (registerRequest.getJsonObject() != null) {
            putCustomStuffIntoObject(client, registerRequest.getJsonObject());
        }
    }

    @Override // org.xdi.oxauth.register.ws.rs.RegisterRestWebService
    public Response requestClientUpdate(String str, String str2, @HeaderParam("Authorization") String str3, @Context HttpServletRequest httpServletRequest, @Context SecurityContext securityContext) {
        RegisterRequest fromJson;
        try {
            this.log.debug("Attempting to UPDATE client, client_id: {0}, requestParams = {1}, isSecure = {3}", new Object[]{str2, str, Boolean.valueOf(securityContext.isSecure())});
            String tokenFromAuthorizationParameter = this.tokenService.getTokenFromAuthorizationParameter(str3);
            if (!StringUtils.isNotBlank(tokenFromAuthorizationParameter) || !StringUtils.isNotBlank(str2) || !StringUtils.isNotBlank(str) || (fromJson = RegisterRequest.fromJson(str)) == null) {
                this.log.debug("Client UPDATE : parameters are invalid. Returns BAD_REQUEST response.", new Object[0]);
                return Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA)).build();
            }
            if (fromJson.getSubjectType() != null && !ConfigurationFactory.instance().getConfiguration().getSubjectTypesSupported().contains(fromJson.getSubjectType())) {
                this.log.debug("Client UPDATE : parameter subject_type is invalid. Returns BAD_REQUEST response.", new Object[0]);
                return Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA)).build();
            }
            Client client = this.clientService.getClient(str2, tokenFromAuthorizationParameter);
            if (client == null) {
                this.log.trace("The Access Token is not valid for the Client ID, returns invalid_token error.", new Object[0]);
                return Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_TOKEN)).build();
            }
            updateClientFromRequestObject(client, fromJson);
            this.clientService.merge(client);
            return Response.status(Response.Status.OK).entity(clientAsEntity(client)).build();
        } catch (Exception e) {
            this.log.error(e.getMessage(), e, new Object[0]);
            return internalErrorResponse().build();
        }
    }

    @Override // org.xdi.oxauth.register.ws.rs.RegisterRestWebService
    public Response requestClientRead(String str, String str2, HttpServletRequest httpServletRequest, SecurityContext securityContext) {
        String tokenFromAuthorizationParameter = this.tokenService.getTokenFromAuthorizationParameter(str2);
        this.log.debug("Attempting to read client: clientId = {0}, registrationAccessToken = {1} isSecure = {2}", new Object[]{str, tokenFromAuthorizationParameter, Boolean.valueOf(securityContext.isSecure())});
        Response.ResponseBuilder ok = Response.ok();
        try {
            if (!ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationEnabled().booleanValue()) {
                ok = Response.status(Response.Status.BAD_REQUEST);
                ok.entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.ACCESS_DENIED));
            } else if (RegisterParamsValidator.validateParamsClientRead(str, tokenFromAuthorizationParameter)) {
                Client client = this.clientService.getClient(str, tokenFromAuthorizationParameter);
                if (client != null) {
                    ok.entity(clientAsEntity(client));
                } else {
                    this.log.trace("The Access Token is not valid for the Client ID, returns invalid_token error.", new Object[0]);
                    ok = Response.status(Response.Status.BAD_REQUEST.getStatusCode());
                    ok.entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_TOKEN));
                }
            } else {
                this.log.trace("Client parameters are invalid.", new Object[0]);
                ok = Response.status(Response.Status.BAD_REQUEST);
                ok.entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
            }
        } catch (StringEncrypter.EncryptionException e) {
            ok = Response.status(500);
            ok.entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
            this.log.error(e.getMessage(), e, new Object[0]);
        } catch (JSONException e2) {
            ok = Response.status(500);
            ok.entity(this.errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
            this.log.error(e2.getMessage(), e2, new Object[0]);
        }
        CacheControl cacheControl = new CacheControl();
        cacheControl.setNoTransform(false);
        cacheControl.setNoStore(true);
        ok.cacheControl(cacheControl);
        ok.header("Pragma", "no-cache");
        return ok.build();
    }

    private String clientAsEntity(Client client) throws JSONException, StringEncrypter.EncryptionException {
        return getJSONObject(client).toString(4).replace("\\/", "/");
    }

    private JSONObject getJSONObject(Client client) throws JSONException, StringEncrypter.EncryptionException {
        JSONObject jSONObject = new JSONObject();
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterResponseParam.CLIENT_ID.toString(), client.getClientId());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterResponseParam.CLIENT_SECRET.toString(), client.getClientSecret());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString(), client.getRegistrationAccessToken());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterResponseParam.REGISTRATION_CLIENT_URI.toString(), ConfigurationFactory.instance().getConfiguration().getRegistrationEndpoint() + "?" + RegisterResponseParam.CLIENT_ID.toString() + "=" + client.getClientId());
        jSONObject.put(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString(), client.getClientIdIssuedAt().getTime() / 1000);
        jSONObject.put(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString(), (client.getClientSecretExpiresAt() == null || client.getClientSecretExpiresAt().getTime() <= 0) ? 0L : client.getClientSecretExpiresAt().getTime() / 1000);
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.REDIRECT_URIS.toString(), client.getRedirectUris());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.RESPONSE_TYPES.toString(), ResponseType.toStringArray(client.getResponseTypes()));
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.GRANT_TYPES.toString(), client.getGrantTypes());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.APPLICATION_TYPE.toString(), client.getApplicationType());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.CONTACTS.toString(), client.getContacts());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.CLIENT_NAME.toString(), client.getClientName());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.LOGO_URI.toString(), client.getLogoUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.CLIENT_URI.toString(), client.getClientUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.POLICY_URI.toString(), client.getPolicyUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.TOS_URI.toString(), client.getTosUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.JWKS_URI.toString(), client.getJwksUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.JWKS.toString(), client.getJwks());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.SECTOR_IDENTIFIER_URI.toString(), client.getSectorIdentifierUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.SUBJECT_TYPE.toString(), client.getSubjectType());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.ID_TOKEN_SIGNED_RESPONSE_ALG.toString(), client.getIdTokenSignedResponseAlg());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.ID_TOKEN_ENCRYPTED_RESPONSE_ALG.toString(), client.getIdTokenEncryptedResponseAlg());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.ID_TOKEN_ENCRYPTED_RESPONSE_ENC.toString(), client.getIdTokenEncryptedResponseEnc());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.USERINFO_SIGNED_RESPONSE_ALG.toString(), client.getUserInfoSignedResponseAlg());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.USERINFO_ENCRYPTED_RESPONSE_ALG.toString(), client.getUserInfoEncryptedResponseAlg());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.USERINFO_ENCRYPTED_RESPONSE_ENC.toString(), client.getUserInfoEncryptedResponseEnc());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.REQUEST_OBJECT_SIGNING_ALG.toString(), client.getRequestObjectSigningAlg());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.REQUEST_OBJECT_ENCRYPTION_ALG.toString(), client.getRequestObjectEncryptionAlg());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.REQUEST_OBJECT_ENCRYPTION_ENC.toString(), client.getRequestObjectEncryptionEnc());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.TOKEN_ENDPOINT_AUTH_METHOD.toString(), client.getTokenEndpointAuthMethod());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString(), client.getTokenEndpointAuthSigningAlg());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.DEFAULT_MAX_AGE.toString(), client.getDefaultMaxAge());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.REQUIRE_AUTH_TIME.toString(), Boolean.valueOf(client.getRequireAuthTime()));
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.DEFAULT_ACR_VALUES.toString(), client.getDefaultAcrValues());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.INITIATE_LOGIN_URI.toString(), client.getInitiateLoginUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.POST_LOGOUT_REDIRECT_URIS.toString(), client.getPostLogoutRedirectUris());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.REQUEST_URIS.toString(), client.getRequestUris());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.LOGOUT_URI.toString(), client.getLogoutUri());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.LOGOUT_SESSION_REQUIRED.toString(), client.getLogoutSessionRequired());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.FEDERATION_METADATA_URL.toString(), client.getFederationURI());
        Util.addToJSONObjectIfNotNull(jSONObject, RegisterRequestParam.FEDERATION_METADATA_ID.toString(), client.getFederationId());
        String[] strArr = null;
        String[] scopes = client.getScopes();
        if (scopes != null) {
            strArr = new String[scopes.length];
            for (int i = 0; i < scopes.length; i++) {
                strArr[i] = this.scopeService.getScopeByDn(scopes[i]).getDisplayName();
            }
        }
        Util.addToJSONObjectIfNotNull(jSONObject, "scopes", strArr);
        return jSONObject;
    }

    private static void putCustomStuffIntoObject(Client client, JSONObject jSONObject) throws JSONException {
        String dynamicRegistrationCustomObjectClass = ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationCustomObjectClass();
        if (StringUtils.isNotBlank(dynamicRegistrationCustomObjectClass)) {
            client.setCustomObjectClasses(new String[]{dynamicRegistrationCustomObjectClass});
        }
        List<String> dynamicRegistrationCustomAttributes = ConfigurationFactory.instance().getConfiguration().getDynamicRegistrationCustomAttributes();
        if (dynamicRegistrationCustomAttributes == null || dynamicRegistrationCustomAttributes.isEmpty()) {
            return;
        }
        Log log = Logging.getLog(RegisterRestWebServiceImpl.class);
        for (String str : dynamicRegistrationCustomAttributes) {
            if (jSONObject.has(str)) {
                JSONArray optJSONArray = jSONObject.optJSONArray(str);
                List list = optJSONArray != null ? org.xdi.oxauth.model.util.StringUtils.toList(optJSONArray) : Arrays.asList(jSONObject.getString(str));
                if (list != null && !list.isEmpty()) {
                    try {
                        client.getCustomAttributes().add(new CustomAttribute(str, list));
                    } catch (Exception e) {
                        log.debug(e.getMessage(), e, new Object[0]);
                    }
                }
            }
        }
    }
}
